package com.efuture.filter;

import jakarta.servlet.*;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import java.io.IOException;

/**
 * @description: 登录过滤器校验 没有登录 则让登录 否则直接放行
 * @author zhaoshanshan
 * @date 2021/10/4 9:32 下午
 * @version 1.0
 */
//@WebFilter("/*")
public class LoginFilter implements Filter {
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {

        HttpServletRequest request =  (HttpServletRequest)servletRequest;
        String requestURI = request.getRequestURI();
        if(requestURI.contains("yzmlogin.jsp")||requestURI.contains("/CheckCodeServlet")||requestURI.contains("/YzmLoginServlet")){
            //访问本身是登录资源 直接放行
            filterChain.doFilter(servletRequest,servletResponse);
        }else{
            HttpSession session =  request.getSession();
            String userName = (String)session.getAttribute("user");
            if(null!=userName&&userName.length()>0){
                //已经登录 直接放行
                filterChain.doFilter(servletRequest,servletResponse);
            }else{
                //没有登录 转发到登录界面
                request.setAttribute("login_error","你尚未登录,请登录");
                request.getRequestDispatcher("/yzmlogin.jsp").forward(servletRequest,servletResponse);
            }
        }


    }
}
